Linksys

  • Updated on Aug 21, 2025
  • Published on Aug 5, 2020
  • 2 minute(s) read
  • Perimeter Support
  • m
 Prev Next

Introduction

This guide will guide you through the necessary steps to establish a Site-to-Site VPN tunnel between your Harmony SASE network and your Linksys environment.

Breakdown of topics

  1. Pre-requisites
  2. Configuration Steps
  3. Verifying the Setup
  4. Troubleshooting
  5. Support Contacts

Pre-requisites

To successfully follow this guide, ensure that:

  1. An active Harmony SASE account and a setup network.
  2. The Harmony SASE application is installed on your necessary devices.
  3. A working Linksys setup with the appropriate administrative privileges.

Configuration Steps

Configuring the tunnel in the Management Platform

  1. Select the network tab from the menu on the left side of the screen. Choose the network that contains the gateway in your network to which you'd like to create the tunnel. Select the three-dotted icon besides the gateway's name and select Add Tunnel.
    360010932540ScreenShot2019-08-27at140615.png

  2. Select IPSec Site-2-Site Tunnel and select Continue.

  3. In the General Settings section fill in the following information:

  • Name: Choose whatever name you find suitable for the tunnel.
  • Shared Secret: Enter a character string of your own or use Generate.
  • Public IP/Remote ID: Enter the public IP from which the Linksys device is connected to the internet.
  • Harmony SASE Gateway Proposal Subnets: Choose the specified subnet. By default, this should be set to 10.2XX.0.0/16.
  • Remote Gateway Proposal Subnets: Select Specified Subnets and specify according to your local LAN Subnets.

  1. In the Advanced Settings section fill in the following:
  • IKE Version: V2
  • DPD detection: 30s
  • DPD timeout: 10s
  • Encryption (Phase 1): AES256
  • Encryption (Phase 2): AES256
  • Integrity (Phase 1): SHA1
  • Integrity (Phase 2): SHA1
  • Key Exchange Method: modp1536
  • Key Exchange Method: modp1536

Leave the rest of the fields with the default values (as shown in the attached image) and click on add a tunnel.

Configuring the tunnel in the Linksys Web Interface

  1. Open the Netgear management interface (typically 192.168.1.1).
  2. In the left panel, select VPN, then select Gateway to Gateway.
  3. Fill in the following information:
    Add a New Tunnel
    Tunnel Name: Enter a name of your choice.
    Interface: WAN1
    Local Group Setup
    Local Security Gateway Type: IP Only
    IP Address: Your external IP address (should be filled automatically)
    Local Security Group Type: Subnet
    IP Address: Enter the local IP address.
    Subnet Mask: Enter the subnet mask.
    Local Group Setup
    Remote Security Gateway Type: IP Only
    IP Address: Your P81 gateway IP address.
    Remote Security Group Type: Subnet
    IP Address: 10.255.0.0
    Subnet Mask: 255.255.0.0
  4. Continue to IPSec Setup and fill in accordingly:
    Keying Mode: IKE with PSK
    Phase 1 DHG: Group 5
    Phase 1 Encryption: AES256
    Phase 1 Authentication: SHA1
    Phase 1 SA Lifetime: 28800
    PFS: Enabled
    Phase 2 DHG: Group 5
    Phase 2 Encryption: AES256
    Phase 2 Authentication: SHA1
    Phase 2 SA Lifetime: 3600
    Preshared Key: Enter the same key you entered in the Harmony SASE portal.
  5. Select Advanced. Enable Keep-Alive and set Dead Peer Detection Interval to 10 seconds. Leave the rest of the advanced settings with the default values.

Verifying the Setup

After following the above steps, your tunnel should be active.
To verify, go to your Harmony SASE dashboard, locate the tunnel you just created, and check the tunnel status.
It should indicate that the tunnel is "Up", signifying a successful connection.
Next, connect to your network using the Harmony SASE agent and attempt to access one of the resources in your environment.

Troubleshooting

If you encounter issues during or after the setup, try reviewing your settings to ensure everything matches the instructions. In particular, check the IP addresses and other details you entered during setup. If issues persist, please consult our dedicated support.

Support Contacts

If you have any difficulties or questions, don't hesitate to contact Harmony SASE's support team. We offer 24/7 chat support on our website at sase.checkpoint.com, or you can email us at sase-support@checkpoint.com. We're here to assist you and ensure your VPN tunnel setup is a success.